CVE-2023-27826

HIGH

Seowonintech Swc-5100w Firmware - OS Command Injection

Title source: rule

Description

SeowonIntech SWC 5100W WIMAX Bootloader 1.18.19.0, HW 0.0.7.0, and FW 1.11.0.1, 1.9.9.4 are vulnerable to OS Command Injection. which allows attackers to take over the system with root privilege by abusing doSystem() function.

Exploits (1)

exploitdb WORKING POC

by Momen Eldawakhly · pythonremotehardware

https://www.exploit-db.com/exploits/51311

View Code ZIP pw:eip

References (3)

[Exploit, Third Party Advisory] https://pastebin.com/raw/buhVV7iL

[Product] https://usermanual.wiki/SEOWON-INTECH/SWC5100W

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/51311

Scores

CVSS v3 8.8

EPSS 0.1776

EPSS Percentile 95.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-78

Status published

Products (2)

seowonintech/swc-5100w_firmware 1.9.9.4

seowonintech/swc-5100w_firmware 1.11.0.1

Published Apr 12, 2023

Tracked Since Feb 18, 2026